Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZifMq23C6VhuLMEbJ5VzWjH9m4o.cer
File: ZifMq23C6VhuLMEbJ5VzWjH9m4o.cer (raw, json)
Hash identifier: fxboCrxWIMXLplXBuSpVZEc1i1pSaq0yZmYBu/FDkVE=
Subject key identifier: 66:27:CC:AB:6D:C2:E9:58:6E:2C:C1:1B:27:95:73:5A:31:FD:9B:8A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 02A7DC
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91269B8/4ABAFEDE839411E5B01B591CC4F9AE02/ZifMq23C6VhuLMEbJ5VzWjH9m4o.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91269B8/4ABAFEDE839411E5B01B591CC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Tue 31 Mar 2026 12:39:10 +0000
Certificate not after: Fri 28 May 2027 00:00:00 +0000
Subordinate resources: AS: 7491
AS: 45126
IP: 117.58.192.0/19
IP: 119.111.0.0/16
IP: 210.1.96.0 -- 210.1.143.255
IP: 210.23.96.0/19
IP: 210.23.160.0 -- 210.23.255.255
IP: 221.121.96.0/19
IP: 2404:d800::/32
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 Apr 2026 02:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174044 (0x2a7dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Mar 31 12:39:10 2026 GMT
Not After : May 28 00:00:00 2027 GMT
Subject: CN=A91269B8, serialNumber=6627CCAB6DC2E9586E2CC11B2795735A31FD9B8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:36:bd:a0:72:40:6a:47:3a:20:ed:70:f4:78:
22:6a:ea:a2:14:ca:b4:45:63:7f:d9:91:70:31:ec:
e3:22:67:c1:e2:b1:05:38:d0:cd:de:85:03:09:d9:
c7:4a:2d:ff:b8:45:74:a3:20:8f:24:4c:0e:e8:89:
36:47:89:fb:cd:78:d8:24:c5:d1:8c:71:f0:89:da:
0b:29:ae:55:6b:4b:b5:96:4c:b2:d6:f8:8e:31:14:
07:88:30:03:58:22:eb:5b:7d:eb:09:7c:c1:14:88:
af:fb:6b:8a:8e:d1:fd:e2:3b:43:c3:06:d8:82:3c:
df:94:89:88:c7:71:62:a9:e4:cb:cf:02:1d:df:6a:
f1:d1:85:5b:c2:9c:ab:ab:13:52:3d:0f:59:b7:42:
92:28:1c:41:4d:c0:42:2f:da:15:7e:97:d0:00:29:
7e:8d:18:bd:f2:f6:5a:58:f3:ef:1a:4d:f0:11:72:
94:0b:49:5a:e1:c8:88:7b:9c:6e:f2:10:26:ec:c5:
69:8e:59:f9:38:7e:50:24:50:d6:11:b1:97:b5:79:
ee:02:cf:07:a7:0b:5c:ee:1f:85:ad:3e:d6:6d:01:
93:d3:8e:5a:8b:81:e1:03:05:b4:51:d5:7d:6d:56:
ee:cb:28:93:1f:fe:71:83:fd:6e:10:0b:60:38:4b:
41:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:27:CC:AB:6D:C2:E9:58:6E:2C:C1:1B:27:95:73:5A:31:FD:9B:8A
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91269B8/4ABAFEDE839411E5B01B591CC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91269B8/4ABAFEDE839411E5B01B591CC4F9AE02/ZifMq23C6VhuLMEbJ5VzWjH9m4o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
7491
45126
sbgp-ipAddrBlock: critical
IPv4:
117.58.192.0/19
119.111.0.0/16
210.1.96.0-210.1.143.255
210.23.96.0/19
210.23.160.0-210.23.255.255
221.121.96.0/19
IPv6:
2404:d800::/32
Signature Algorithm: sha256WithRSAEncryption
24:09:c5:62:10:bf:7b:fb:ab:bc:ca:0d:ca:a7:00:66:ca:57:
2e:17:3e:6b:24:51:6e:c5:19:38:4a:db:a0:32:d4:29:ce:b6:
ca:39:73:30:55:4f:21:b3:d0:33:01:19:43:13:eb:04:cd:5b:
68:02:76:33:46:91:df:ae:49:42:97:d4:fb:24:c1:8c:cc:71:
34:6c:b7:95:a1:90:ff:af:ab:4c:97:e1:88:8f:80:ec:f7:35:
15:7c:11:03:8e:63:e4:a6:a8:96:05:7e:e4:bf:28:bc:5c:68:
b6:9e:98:c4:e9:f0:17:a2:c5:7d:7c:dc:a7:f2:c3:6f:a6:55:
72:20:aa:75:34:71:ae:c9:d2:cf:10:d2:b8:b8:f5:e6:71:16:
c3:84:29:b1:77:c8:b7:3c:6a:ac:46:af:ba:54:78:b4:f2:1c:
08:24:2f:c3:5f:c5:25:11:fc:58:14:87:64:54:2e:90:68:bc:
b0:d4:9c:42:a4:50:50:53:e7:b3:66:bc:98:df:fb:46:e7:0b:
ee:d8:0a:fa:9c:2d:0c:20:f8:b6:80:0f:a3:ff:31:75:e1:d4:
e8:fe:34:bd:0a:3b:0f:6a:a4:c2:01:ea:aa:a3:41:95:f7:a4:
43:c3:c2:54:24:e0:59:35:ba:7e:73:40:4a:39:bf:0b:5e:7e:
1a:0a:c3:98
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIDAqfcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI2MDMzMTEyMzkxMFoXDTI3MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjY5QjgxMTAvBgNVBAUTKDY2MjdDQ0FCNkRDMkU5NTg2RTJDQzEx
QjI3OTU3MzVBMzFGRDlCOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHNr2gckBqRzog7XD0eCJq6qIUyrRFY3/ZkXAx7OMiZ8HisQU40M3ehQMJ2cdK
Lf+4RXSjII8kTA7oiTZHifvNeNgkxdGMcfCJ2gsprlVrS7WWTLLW+I4xFAeIMANY
IutbfesJfMEUiK/7a4qO0f3iO0PDBtiCPN+UiYjHcWKp5MvPAh3favHRhVvCnKur
E1I9D1m3QpIoHEFNwEIv2hV+l9AAKX6NGL3y9lpY8+8aTfARcpQLSVrhyIh7nG7y
ECbsxWmOWfk4flAkUNYRsZe1ee4CzwenC1zuH4WtPtZtAZPTjlqLgeEDBbRR1X1t
Vu7LKJMf/nGD/W4QC2A4S0FNAgMBAAGjggNOMIIDSjAdBgNVHQ4EFgQUZifMq23C
6VhuLMEbJ5VzWjH9m4owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI2OUI4LzRBQkFGRURFODM5NDExRTVCMDFCNTkxQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNjlCOC80QUJBRkVERTgzOTQxMUU1QjAxQjU5MUNDNEY5QUUwMi9aaWZNcTIz
QzZWaHVMTUViSjVWeldqSDltNG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICHUMCAwCwRjBaBggrBgEFBQcBBwEB/wRLMEkwOAQCAAEwMgMEBXU6wAMD
AHdvMAwDBAXSAWADBATSAYADBAXSF2AwCwMEBdIXoAMDA9IQAwQF3XlgMA0EAgAC
MAcDBQAkBNgAMA0GCSqGSIb3DQEBCwUAA4IBAQAkCcViEL97+6u8yg3KpwBmylcu
Fz5rJFFuxRk4StugMtQpzrbKOXMwVU8hs9AzARlDE+sEzVtoAnYzRpHfrklCl9T7
JMGMzHE0bLeVoZD/r6tMl+GIj4Ds9zUVfBEDjmPkpqiWBX7kvyi8XGi2npjE6fAX
osV9fNyn8sNvplVyIKp1NHGuydLPENK4uPXmcRbDhCmxd8i3PGqsRq+6VHi08hwI
JC/DX8UlEfxYFIdkVC6QaLyw1JxCpFBQU+ezZryY3/tG5wvu2Ar6nC0MIPi2gA+j
/zF14dTo/jS9CjsPaqTCAeqqo0GV96RDw8JUJOBZNbp+c0BKOb8LXn4aCsOY
-----END CERTIFICATE-----
Generated at Mon Apr 6 07:14:16 2026 by rpki-client